Get/examine headers of some website in console

Question

So, I want to send a GET request from my FFQuantum console and examine the response (the header) that I receive as response. I just want to check the fields, nothing more.

Now, when I run this script on this website (https://stackoverflow.com/), with this code:

var req = new XMLHttpRequest();
var web_adress = 'https://stackoverflow.com/';
req.open('GET', web_adress, false);
req.send(null);
var headers = req.getAllResponseHeaders().toLowerCase();
alert(headers);

I get the header just right, but when I'm for example, on Google, then I get the error:

For results, I expect to see filled popup but I get the empty one. That is for when I'm on Google and trying to fetch the Stack's header.

What am I getting?

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://stackoverflow.com/. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Is there a way to get the headers from StackOverflow when I'm on Googles pages?

Answer 1

No, you can't. Is is because of security. Browser don't allow you to send requests across domains! To allow this action stackoverflow must return something like this:

Access-Control-Allow-Origin: https://google.com

But there isn't this header in response. If you want to do something like this - try to use special browsers which do not use The Same Origin Policy or some other soft. Phantomjs for example or nodejs (if you want to do it with JS) or curl request etc.

But probaby you can do something like this:

google.com => yourdomain.com => stackoverflow.com

Here you use your host like a proxy (remember that you need to set Access-Control-Allow-Origin: *)

The problem is in browser security =)